LloydLabs / wsb-detectLinks
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB")
☆373Updated 2 years ago
Alternatives and similar repositories for wsb-detect
Users that are interested in wsb-detect are comparing it to the libraries listed below
Sorting:
- some gadgets about windows process and ready to use :)☆587Updated last year
- Adaptive DLL hijacking / dynamic export forwarding☆757Updated 4 years ago
- Just another Windows Process Injection☆399Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆333Updated 3 years ago
- Evade sysmon and windows event logging☆623Updated 5 years ago
- A way to delete a locked file, or current running executable, on disk.☆535Updated 10 months ago
- Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)☆420Updated 4 years ago
- Bypass UAC by hijacking a DLL located in the Native Image Cache☆214Updated 3 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Updated last year
- Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions☆488Updated 4 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆581Updated 3 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆549Updated last year
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆389Updated 5 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆344Updated 4 years ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆612Updated 2 years ago
- ☆347Updated 3 years ago
- Local Privilege Escalation Edition for CVE-2021-1675/CVE-2021-34527☆333Updated 3 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆447Updated 4 years ago
- Phantom DLL hollowing PoC☆361Updated 3 years ago
- A collection of tools to abuse chrome browser☆291Updated 4 years ago
- Killing your preferred antimalware by abusing native symbolic links and NT paths.☆362Updated 3 years ago
- DLL and PowerShell script to assist with finding DLL hijacks☆336Updated 4 years ago
- CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege☆339Updated 3 years ago
- AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.☆390Updated 6 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- A meterpreter extension for applying hooks to avoid windows defender memory scans☆246Updated 4 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆331Updated 5 years ago
- Windows 10 UAC bypass for all executable files which are autoelevate true .☆646Updated 5 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆345Updated 4 years ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC)☆777Updated 3 years ago